Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
Security protocols in constrained
environments
Chris Swan
@cpswan
TL;DR
System type

Such as

Will it work?

The issue

Low end embedded Atmel 8-bit AVR
(most Arduino),
TI MSP-430

No

SRA...
Agenda
• Anatomy of a security protocol
– The key exchange dance

•
•
•
•

Linux makes things easy
Libraries for higher en...
Which security protocols?
The ‘S’ protocols:
Secure Sockets Layer (SSL)
Superseded by Transport Layer Security (TLS)

Secu...
SSL Handshake
Client Hello
It’s a similar story for SSH
and IPsec
Linux makes this easy
If not already built in to a particular distribution
then use favourite package manager to get:

(no...
Things get trickier with embedded
But by no means impossible…
Stack trades offs may be made
But those keys won’t fit into 2K
At least not with anything resembling a useful
application…

… Arduino struggles with MQT...
Summary
System type

Such as

Will it work?

The issue

Low end embedded Atmel 8-bit AVR
(most Arduino),
TI MSP-430

No

S...
Questions?
Further reading
PolarSSL tutorial
https://polarssl.org/kb/how-to/polarssl-tutorial
AVR32753: AVR32 UC3 How to connect to a...
Upcoming SlideShare
Loading in …5
×

Security protocols in constrained environments

4,490 views

Published on

From Open Source Hardware Users Group (OSHUG #31)

Published in: Technology
  • Be the first to comment

  • Be the first to like this

Security protocols in constrained environments

  1. 1. Security protocols in constrained environments Chris Swan @cpswan
  2. 2. TL;DR System type Such as Will it work? The issue Low end embedded Atmel 8-bit AVR (most Arduino), TI MSP-430 No SRAM Mid-high end embedded Anything ARM based (e.g. STM Discovery, TI Stellaris) inc. Arduino Due With some effort Library, key and cipher suite wrangling Linux OS Raspberry Pi, BeagleBone, Arduino Yún Yes -
  3. 3. Agenda • Anatomy of a security protocol – The key exchange dance • • • • Linux makes things easy Libraries for higher end microcontrollers SRAM on low end microcontrollers Summary
  4. 4. Which security protocols? The ‘S’ protocols: Secure Sockets Layer (SSL) Superseded by Transport Layer Security (TLS) Secure SHell (SSH) Internet Protocol Security (IPsec)
  5. 5. SSL Handshake
  6. 6. Client Hello
  7. 7. It’s a similar story for SSH
  8. 8. and IPsec
  9. 9. Linux makes this easy If not already built in to a particular distribution then use favourite package manager to get: (no relation)
  10. 10. Things get trickier with embedded But by no means impossible…
  11. 11. Stack trades offs may be made
  12. 12. But those keys won’t fit into 2K At least not with anything resembling a useful application… … Arduino struggles with MQTT and 1wire
  13. 13. Summary System type Such as Will it work? The issue Low end embedded Atmel 8-bit AVR (most Arduino), TI MSP-430 No SRAM Mid-high end embedded Anything ARM based (e.g. STM Discovery, TI Stellaris) inc. Arduino Due With some effort Library, key and cipher suite wrangling Linux OS Raspberry Pi, BeagleBone, Arduino Yún Yes -
  14. 14. Questions?
  15. 15. Further reading PolarSSL tutorial https://polarssl.org/kb/how-to/polarssl-tutorial AVR32753: AVR32 UC3 How to connect to an SSL-server http://www.atmel.com/Images/doc32111.pdf STM32 Discovery: Porting Polar SSL http://hobbymc.blogspot.co.uk/2011/02/stm32discovery-porting-polar-ssl.html

×